Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/pandazheng/Threat-Intelligence-Analyst

威胁情报,恶意样本分析,开源Malware代码收集
https://github.com/pandazheng/Threat-Intelligence-Analyst

Last synced: about 2 months ago
JSON representation

威胁情报,恶意样本分析,开源Malware代码收集

Awesome Lists containing this project

README

        

# Threat-Intelligence-Analyst
威胁情报,恶意样本分析,自动化python脚本,开源Malware代码收集,APT攻击安例相关

# TI威胁情报
https://start.me/p/rxRbpo/ti

# Analyzing Malicious Password Protected Office Documents
https://r3mrum.wordpress.com/2017/06/29/analyzing-malicious-password-protected-office-documents/

# Hack
https://github.com/Hack-with-Github/Awesome-Hacking

# 恶意软件分析大合集
https://github.com/rshipp/awesome-malware-analysis
https://github.com/wtsxDev/Malware-Analysis
https://github.com/CHYbeta/Software-Security-Learning

# LifeOfBinarie
http://www.opensecuritytraining.info/LifeOfBinaries.html

# PNG Payload
https://www.anquanke.com/post/id/166451

# Malware Sample Source
https://zeltser.com/malware-sample-sources/

# Malware Analyst
https://pastebin.com/QXURDzmA

# Malware分析文章
http://reversingminds-blog.logdown.com/
https://cysinfo.com/category/training/malware-analysis/

# 恶意样本分析
http://blog.nsfocus.net/malware-sample-analysis-summary/

# Resources for Learning Reverse Engineering
http://jackson-t.ca/re-resources.html

# 病毒分类
https://www.virusradar.com/en/glossary

# 在线检测恶意软件网站
https://www.hybrid-analysis.com/
https://www.virustotal.com/#/home/upload
https://www.reverse.it/
https://www.maldun.com/submit/submit_file/
https://habo.qq.com/
https://www.joesandbox.com/
https://virusscan.jotti.org/
http://www.threatexpert.com/submit.aspx
http://virscan.org/
https://any.run/
https://id-ransomware.malwarehunterteam.com/
https://www.vmray.com

# 用命令行与Python使用YARA规则-识别恶意木马必备
https://bbs.pediy.com/thread-223070.htm

# ida视频
http://hdvidzpro.pro/video/ida-tutorial

# 恶意样本分析
https://secrary.com/ReversingMalware/CoinMiner/
https://secrary.com/ReversingMalware
https://secrary.com/ReversingMalware/Upatre/
https://secrary.com/ReversingMalware/Mamba/
https://secrary.com/ReversingMalware/UnpackingShade/
https://secrary.com/ReversingMalware/Enosch/
https://www.anquanke.com/post/id/87172
http://blog.talosintelligence.com/2017/11/zeus-panda-campaign.html

# Malware Sample Sources for Researchers
https://zeltser.com/malware-sample-sources/

# List of Malware Sources
http://www.kernelmode.info/forum/viewtopic.php?f=16&t=308

# WMI BackDoor
https://www.eideon.com/2018-03-02-THL03-WMIBackdoors/

# IDA
http://kingerwu.com/2017/12/16/IDA%E6%93%8D%E4%BD%9C%E7%9F%A5%E8%AF%86%E8%AE%B0%E5%BD%95/#more

# malware analysis labs
https://cybersecweb.wordpress.com/2016/07/12/malware-analysis-labs/

# Exploitation Archives
https://rootkits.xyz/blog/tag/exploitation/

# Exploits
https://0xrick.github.io/binary-exploitation/bof2/

# VMP/TMD Unpack
OD调试过VMProtect虚拟机检测教程
https://www.52pojie.cn/thread-411742-1-1.html

TMD壳的脱壳(可能是2.1.8)
https://www.52pojie.cn/thread-675279-1-1.html

VMP v3.0.9过VMware检测
https://www.52pojie.cn/thread-635613-1-4.html

分析一个新型VM的CrackMe
https://www.52pojie.cn/thread-695729-1-1.html

# MIPS 路由器木马
http://www.freebuf.com/articles/network/88798.html

# 勒索软件信息
https://www.botfrei.de/de/ransomware/galerie.html

# Linux Kernel Debug
https://bbs.pediy.com/thread-226139.htm

# PowerShell
https://docs.microsoft.com/zh-cn/powershell/scripting/powershell-scripting?view=powershell-6

# Limon Sandbox For Analyzing Linux Malwares
https://malware-unplugged.blogspot.com/2015/11/limon-sandbox-for-analyzing-linux.html
https://www.blackhat.com/docs/eu-15/materials/eu-15-KA-Automating-Linux-Malware-Analysis-Using-Limon-Sandbox-wp.pdf
https://www.youtube.com/watch?v=fSCKyF--tRs&feature=youtu.be

# Advanced Malware Analysis
https://cysinfo.com/category/training/advanced-malware-analysis/

# WMI POWERSHELL 挖矿
http://www.freebuf.com/articles/network/163233.html

# CTF
http://eternalsakura13.com/2018/03/21/lctf2/

# CoinMiner
Linux.挖矿.cpuminer方法记录
http://www.bubuko.com/infodetail-2167951.html

Compile CPUminer under Linux CentOS
https://rumorscity.com/2014/01/04/compile-and-install-cpuminer-on-linux-centos/

搭建Redis&Minerd安全应急演练环境
http://www.freebuf.com/sectool/156904.html

centos 6.3 64位下cpuminer +mining_proxy 挖掘莱特币(LTC)教程
https://www.cnblogs.com/sixiweb/archive/2013/12/02/3454564.html

coinotron
https://www.coinotron.com

# NET Malware
https://blogs.cisco.com/security/talos/reversing-multilayer-net-malware

# URL
https://urlhaus.abuse.ch/browse/

# Yara
http://www.freebuf.com/articles/system/26373.html
https://github.com/plusvic/yara/releases/tag/v2.0.0
https://yara.readthedocs.io/en/v3.5.0/gettingstarted.html
https://analysis.yararules.com/
https://github.com/Yara-Rules/rules
https://www.bsk-consulting.de/2015/02/16/write-simple-sound-yara-rules/
https://www.bsk-consulting.de/2015/10/17/how-to-write-simple-but-sound-yara-rules-part-2/
https://www.bsk-consulting.de/2016/04/15/how-to-write-simple-but-sound-yara-rules-part-3/

# 教你构建自己的yara数据库
http://blog.safedog.cn/?p=281

# 基础反调试技术总结
https://bbs.pediy.com/thread-212371.htm

# ARM Exploit
http://www.freebuf.com/articles/terminal/107276.html

Linux下莱特币Litecoin挖矿教程
https://blog.linuxeye.cn/385.html

Linux 莱特币LTC CPU挖掘教程
http://www.iitshare.com/linux-litecoin-ltc-mining-tutorial.html

以太坊Linux系统挖矿教程
http://www.8btc.com/gpu-mining

莱特币ltc挖矿教程:cpu挖矿与gpu挖矿(详细图文)
http://www.mnw.cn/news/digi/699354.html

# 勒索软件分析报告
File-Locker Ransomware
https://www.bleepingcomputer.com/news/security/file-locker-ransomware-targets-korean-victims-and-asks-for-50k-won/

层层抽丝——GlobeImposter勒索病毒分析
https://bbs.ichunqiu.com/thread-30152-1-1.html

轻轻脱掉你的衣--宏病毒的骚姿势
https://bbs.ichunqiu.com/thread-29739-1-2.html

揭秘Chimera勒索软件
http://www.freebuf.com/articles/system/112142.html

初步分析勒索软件ZEPTO
http://www.freebuf.com/articles/system/112328.html

新型恶意勒索软件cuteRansomware
http://www.freebuf.com/news/109242.html

使用AES-256加密算法的勒索软件SkidLocker分析
http://www.freebuf.com/articles/terminal/99153.html

NanoLocker勒索软件的逆向分析
http://www.freebuf.com/articles/network/94595.html

新型恶意勒索软件DMA Locker分析
http://www.freebuf.com/articles/network/96738.html

locky勒索软件恶意样本分析2
http://www.ithtw.com/thread-8888.htm

locky勒索软件恶意样本分析1
http://blog.topsec.com.cn/ad_lab/locky%E5%8B%92%E7%B4%A2%E8%BD%AF%E4%BB%B6%E6%81%B6%E6%84%8F%E6%A0%B7%E6%9C%AC%E5%88%86%E6%9E%90/

IoT安全:调试环境搭建教程(AArch64篇)
https://bbs.pediy.com/thread-229581.htm

# Docker分析文章
Docker恶意软件分析系列之初识Docker
http://blog.sina.com.cn/s/blog_e8e60bc00102vl37.html
Docker恶意软件分析系列II:客户端风险分析
http://blog.sina.com.cn/s/blog_e8e60bc00102vlq7.html
Docker恶意软件分析系列III:用viper分析APK和木马信息
http://blog.sina.com.cn/s/blog_e8e60bc00102vm2p.html
Docker恶意软件分析系列Ⅳ:js反混淆分析
http://blog.sina.com.cn/s/blog_e8e60bc00102vmwi.html
Docker恶意软件分析系列V:ALICTF决赛题目设计
http://blog.sina.com.cn/s/blog_e8e60bc00102vnr0.html
Docker恶意软件分析系列VI:ALICTF决赛解题思路
http://blog.sina.com.cn/s/blog_e8e60bc00102vnr6.html

# Android 加固分析
https://paper.seebug.org/44/

# MalwareVbr
https://0x4954.wordpress.com/2017/12/03/dfir-tips-malwarevbr-vm/

# JS混淆
http://relentless-coding.org/projects/jsdetox/samples
http://www.freebuf.com/column/157281.html

# BitCode
https://blockchain.info/

# Processon
https://www.processon.com/

# RTFOBJ
https://www.decalage.info/python/rtfobj

# Python
https://awesome-python.com/

# Linux Malware Analyst
http://blog.malwaremustdie.org/2016/11/linux-malware.html

# Window Payload
http://www.freebuf.com/articles/system/156710.html

# PowerShell
http://www.freebuf.com/articles/database/101267.html
http://www.freebuf.com/sectool/120675.html
http://www.freebuf.com/sectool/136328.html
http://www.freebuf.com/sectool/144824.html
http://www.freebuf.com/sectool/149835.html

# PART 2A: INTRO TO THREAT HUNTING WITH KOLIDE FLEET, OSQUERY, POWERSHELL EMPIRE, AND CALDERA – SETUP ENVIRONMENT
https://holdmybeersecurity.com/2018/01/16/part-2a-intro-to-threat-hunting-with-kolide-fleet-osquery-powershell-empire-and-caldera-setup-environment/

# R2
https://sec.xiaomi.com/article/30

# Proxmox & Cuckoo
https://4d5a.re/proxmox-cuckoo-a-powerful-combo-for-your-home-malware-lab/

# 威胁情报网站
https://x.threatbook.cn/
https://ti.360.com/
https://www.threatminer.org/

# 恶意流量分析网站
http://www.malware-traffic-analysis.net

# 安全网站
https://quequero.org/

# ML Malware
http://www.covert.io/the-definitive-security-datascience-and-machinelearning-guide/

# 看雪知识库
https://www.kanxue.com/chm.htm

# NET逆向
https://www.anquanke.com/post/id/89730
https://www.anquanke.com/post/id/90174

# 虚拟机检测技术攻防
http://blog.csdn.net/whatday/article/details/10393325

# x86_64 Reverse-Engineering
https://leotindall.com/tutorial/an-intro-to-x86_64-reverse-engineering/

# Unpacking Shade Ransomware
https://secrary.com/ReversingMalware/UnpackingShade/

# DDoS
https://www.secpulse.com/archives/64088.html
https://www.secpulse.com/archives/65477.html

# Android So
https://bbs.pediy.com/thread-221965.htm

# VMWare
https://remnux.org/docs/distro/tools/

# MalwareCookBook
https://github.com/mgoffin/malwarecookbook

# Malware Analyst Research Toolkit
https://github.com/mboman/mart

# SSMA - Simple Static Malware Analyzer
https://github.com/secrary/SSMA

# Malicious traffic detection system
https://github.com/stamparm/maltrail

# Collection of android malware samples - Android Samples
https://github.com/ashishb/android-malware

# Malware Source
https://github.com/Chiggins/malware_sources

# List of awesome malware analysis tools and resources
https://github.com/wtsxDev/Malware-Analysis

# A collection of OSX and iOS security resources
https://github.com/kai5263499/osx-security-awesome

# Malware
https://github.com/0xBADBAC0N/malware

# ARM Emulate
https://salmanarif.bitbucket.io/visual/downloads.html

# Static and automated/dynamic malware analysis
https://github.com/abdesslem/malwareHunter

# Rootkits | Backdoors | Sniffers | Virus | Ransomware | Steganography | Cryptography | Shellcodes | Webshells | Keylogger | Botnets | Worms | Other Network Tools
https://github.com/vduddu/Malware

# Malware Classifier From Network Captures
https://github.com/adulau/MalwareClassifier

# Collection of scripts for different malware analysis tasks
https://github.com/deadbits/malware-analysis-scripts

# POC Android Malware Ransomware/Recon
https://github.com/tfairane/AndroMalware

# Repository containing Yara rules, indicators and tools from PhishMe Research
https://github.com/phishme/malware_analysis

# Binaries for the book Practical Malware Analysis
https://github.com/mikesiko/PracticalMalwareAnalysis-Labs

# Android Malware
https://github.com/virqdroid/Android_Malware

# Malware Behavior Analyzer
https://github.com/GlacierW/MBA

# Debian packaging of Linux Malware Detect
https://github.com/waja/maldetect

# Scanning and identifying XOR encrypted PE files in PE resources
https://github.com/edix/MalwareResourceScanner

# Windows Malware Rootkit
https://github.com/csurage/Rootkit

# Malware static analysis framework
https://github.com/KoreLogicSecurity/mastiff

# Harmless Android malware using the overlay technique to steal user credentials.
https://github.com/geeksonsecurity/android-overlay-malware-example

# My personal Automated Malware Analysis Sandboxes and Services
https://github.com/ironbits/Automated-Malware-Analysis-List

# Collection of almost 40.000 javascript malware samples
https://github.com/HynekPetrak/javascript-malware-collection

# Code for Deep Android Malware Detection paper
https://github.com/niallmcl/Deep-Android-Malware-Detection

# Various scripts for different malware families
https://github.com/sysopfb/Malware_Scripts

# iOS malware samples
https://github.com/ashishb/ios-malware

# An Android Eclipse project demonstrating how to build a simple anti-malware application
https://github.com/twitter-university/AntiMalware

# VMWare
https://app.vagrantup.com/boxes/search

# Windows Resource Download
https://msdn.itellyou.cn/

# Vulnhub
https://www.vulnhub.com/

# Windbg XP
http://blog.csdn.net/jiangdf/article/details/6843088

# 360报告
http://blogs.360.cn/blog/category/%E7%97%85%E6%AF%92%E5%88%86%E6%9E%90/

# Ransomware
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-1st-2017-decryptors-btcware-and-more/
https://id-ransomware.malwarehunterteam.com/

# IoT 门锁
https://larry.ngrep.me/2018/11/24/ble-sec-hackmelock/

# VirtualKD
http://virtualkd.sysprogs.org/download/

# OFFICE MALWARE/EXPLOIT
https://github.com/Screetsec/Microsploit
https://remnux.org/
https://r3mrum.wordpress.com/2017/06/29/analyzing-malicious-password-protected-office-documents/
https://dfir.it/blog/2015/06/17/analysts-handbook-analyzing-weaponized-documents/
https://zeltser.com/analyzing-malicious-documents/
https://www.shellntel.com/blog/2016/9/13/luckystrike-a-database-backed-evil-macro-generator
https://www.blackhillsinfosec.com/hide-payload-ms-office-document-properties/
https://securityoversimplicity.wordpress.com/2017/11/23/not-all-she-wrote-part-3-rigged-rtf-documents/
http://www.sdkhere.com/2017/12/analysis-of-file-spider-ransomware.html
https://pentestlab.blog/2017/12/15/microsoft-office-payloads-in-document-properties/
http://blog.51cto.com/antivirusjo/2054410  
http://www.freebuf.com/vuls/159789.html
http://blog.safedog.cn/?p=1519
http://blog.safedog.cn/?p=2209
https://spreadsecurity.github.io/2016/08/14/macro-malware-analysis.html
http://sites.utexas.edu/iso/2016/07/08/reverse-engineering-a-malicious-ms-word-document/
http://www.freebuf.com/articles/terminal/74921.html
https://www.anquanke.com/post/id/84105

https://countuponsecurity.com/2014/09/22/malicious-documents-pdf-analysis-in-5-steps/ 

https://countuponsecurity.com/2014/10/24/malicious-documents-word-with-vba-and-powershell/  

https://www.cert-ist.com/public/en/SO_detail?code=malicious_pdf    

http://netsecurity.51cto.com/art/200907/138668.htm    

https://blog.didierstevens.com/category/pdf/    

http://www.itbaby.me/blog/59f7ea965d21b31fcd4e2037    

https://zeltser.com/media/docs/analyzing-malicious-document-files.pdf   

https://paper.seebug.org/351/    

# Linux x86 Exploit
https://bbs.pediy.com/user-507717-1.htm

# Malware Samples
http://contagiodump.blogspot.com/
http://dasmalwerk.eu/
http://www.freetrojanbotnet.com/
https://malshare.com/
http://www.kernelmode.info/forum/viewforum.php?f=16
https://avcaesar.malware.lu/
http://www.malwareblacklist.com/showMDL.php
http://thezoo.morirt.com/
https://malwr.com/
http://openmalware.org/
http://www.virusign.com/
https://virusshare.com/

# Free Automated Malware Analysis Sandboxes and Services
https://zeltser.com/automated-malware-analysis/

# Free Online Tools for Looking up Potentially Malicious Websites
https://zeltser.com/lookup-malicious-websites/

# APT Sample
https://contagiodump.blogspot.com/2017/02/russian-apt-apt28-collection-of-samples.html

# CVE
CVE-2010-3333
http://blog.csdn.net/qq_32400847/article/details/70225519
https://wenku.baidu.com/view/11fd094384254b35effd3480.html
https://www.52pojie.cn/thread-290299-1-1.html
https://bbs.pediy.com/thread-158078.htm

CVE–2017–11882
http://bobao.360.cn/learning/detail/4734.html

CVE-2017-11826
https://blog.fortinet.com/2017/11/22/cve-2017-11826-exploited-in-the-wild-with-politically-themed-rtf-document

# malware source
[https://github.com/gbrindisi/malware](https://github.com/gbrindisi/malware)
[https://github.com/kaiserfarrell/malware](https://github.com/kaiserfarrell/malware)
[https://github.com/terrorisst/Malware](https://github.com/terrorisst/Malware)
[https://github.com/fdiskyou/malware](https://github.com/fdiskyou/malware)
[https://github.com/c633/malwaRE](https://github.com/c633/malwaRE)
[https://github.com/DanielRTeixeira/Malware](https://github.com/DanielRTeixeira/Malware)
[https://github.com/nikicat/web-malware-collection](https://github.com/nikicat/web-malware-collection)
[https://github.com/faber03/AndroidMalwareEvaluatingTools](https://github.com/faber03/AndroidMalwareEvaluatingTools)
[https://github.com/gasgas4/Leaked_Malware_SourceCode](https://github.com/gasgas4/Leaked_Malware_SourceCode)
[https://github.com/ashishb/android-malware](https://github.com/ashishb/android-malware)
[https://github.com/infosecguerrilla/LinuxMalwareSourceCode](https://github.com/infosecguerrilla/LinuxMalwareSourceCode)
[https://github.com/tfairane/AndroMalware](https://github.com/tfairane/AndroMalware)
[https://github.com/infosecguerrilla/WindowsMalwareSourceCode](https://github.com/infosecguerrilla/WindowsMalwareSourceCode)
[https://github.com/csurage/Rootkit](https://github.com/csurage/Rootkit)
[https://github.com/adi0x90/POC-Android-Malware](https://github.com/adi0x90/POC-Android-Malware)
[https://github.com/cheverebe/Android-malware](https://github.com/cheverebe/Android-malware)
[https://github.com/ispoleet/malware](https://github.com/ispoleet/malware)
[https://github.com/bakely/malware](https://github.com/bakely/malware)
[https://github.com/K1rky/Malware](https://github.com/K1rky/Malware)
[https://github.com/Screetsec/TheFatRat](https://github.com/Screetsec/TheFatRat)
[https://github.com/asudhak/Android-Malware](https://github.com/asudhak/Android-Malware)
[https://github.com/Xyl2k/Malware-Auto-Downloader](https://github.com/Xyl2k/Malware-Auto-Downloader)
[https://github.com/slydon/malware_tools](https://github.com/slydon/malware_tools)
[https://github.com/Mi3Security/su-a-cyder](https://github.com/Mi3Security/su-a-cyder)
[https://github.com/pandazheng/POC-Android-Malware-files](https://github.com/pandazheng/POC-Android-Malware-files)
[https://github.com/tfairane/AndroMalware](https://github.com/tfairane/AndroMalware)
[https://github.com/eset/malware-research](https://github.com/eset/malware-research)
[https://github.com/m0nad/Diamorphine](https://github.com/m0nad/Diamorphine)
[https://github.com/a7vinx/liinux](https://github.com/a7vinx/liinux)

# auto script
[https://github.com/znb/Malware](https://github.com/znb/Malware)
[https://github.com/arbor-jjones/malware](https://github.com/arbor-jjones/malware)
[https://github.com/samvartaka/malware](https://github.com/samvartaka/malware)
[https://github.com/John-Lin/malware](https://github.com/John-Lin/malware)
[https://github.com/PythonWebScrapingMalware/Malware](https://github.com/PythonWebScrapingMalware/Malware)
[https://github.com/sroberts/malwarehouse](https://github.com/sroberts/malwarehouse)
[https://github.com/SpiderLabs/malware-analysis](https://github.com/SpiderLabs/malware-analysis)
[https://github.com/hasherezade/malware_analysis](https://github.com/hasherezade/malware_analysis)
[https://github.com/tomchop/malcom](https://github.com/tomchop/malcom)
[https://github.com/JustF0rWork/malware](https://github.com/JustF0rWork/malware)
[https://github.com/seifreed/malware-scripts](https://github.com/seifreed/malware-scripts)
[https://github.com/andrew-morris/stupid_malware](https://github.com/andrew-morris/stupid_malware)
[https://github.com/abdesslem/malwareHunter](https://github.com/abdesslem/malwareHunter)
[https://github.com/dchad/malware-detection](https://github.com/dchad/malware-detection)
[https://github.com/bindog/ToyMalwareClassification](https://github.com/bindog/ToyMalwareClassification)
[https://github.com/svent/jsdetox](https://github.com/svent/jsdetox)
[https://github.com/Googulator/TeslaCrack](https://github.com/Googulator/TeslaCrack)
[https://github.com/KoreLogicSecurity/mastiff](https://github.com/KoreLogicSecurity/mastiff)
[https://github.com/adobe-security/Malware-classifier](https://github.com/adobe-security/Malware-classifier)
[https://github.com/PaloAltoNetworks/WireLurkerDetector](https://github.com/PaloAltoNetworks/WireLurkerDetector)
[https://github.com/necst/aamo](https://github.com/necst/aamo)
[https://github.com/maltelligence/maltelligence](https://github.com/maltelligence/maltelligence)
[https://github.com/mwleeds/android-malware-analysis](https://github.com/mwleeds/android-malware-analysis)
[https://github.com/trendmicro/aleph](https://github.com/trendmicro/aleph)
[https://github.com/idanr1986/cuckoo-droid](https://github.com/idanr1986/cuckoo-droid)
[https://github.com/MalwareLu/tools](https://github.com/MalwareLu/tools)
[https://github.com/hgascon/adagio](https://github.com/hgascon/adagio)
[https://github.com/rieck/malheur](https://github.com/rieck/malheur)
[https://github.com/dcmorton/MalwareTools](https://github.com/dcmorton/MalwareTools)
[https://github.com/ispoleet/malware](https://github.com/ispoleet/malware)
[https://github.com/Dynetics/Malfunction](https://github.com/Dynetics/Malfunction)
[https://github.com/tiago4orion/malelf](https://github.com/tiago4orion/malelf)
[https://github.com/lbull/malware-collector](https://github.com/lbull/malware-collector)
[https://github.com/sysopfb/Malware_Scripts](https://github.com/sysopfb/Malware_Scripts)
[https://github.com/deadbits/malware-analysis-scripts](https://github.com/deadbits/malware-analysis-scripts)
[https://github.com/tuomao/android_malware_detection](https://github.com/tuomao/android_malware_detection)
[https://github.com/aim4r/VolDiff](https://github.com/aim4r/VolDiff)
[https://github.com/VT-Magnum-Research/antimalware](https://github.com/VT-Magnum-Research/antimalware)
[https://github.com/devwerks/Static-Malware-Analyses](https://github.com/devwerks/Static-Malware-Analyses)
[https://github.com/guelfoweb/peframe](https://github.com/guelfoweb/peframe)
[https://github.com/nheijmans/malzoo](https://github.com/nheijmans/malzoo)
[https://github.com/neriberto/hg](https://github.com/neriberto/hg)
[https://github.com/mboman/mart](https://github.com/mboman/mart)
[https://github.com/CSIRTUK/Malware-Tools](https://github.com/CSIRTUK/Malware-Tools)
[https://github.com/0x71/cuckoo-linux](https://github.com/0x71/cuckoo-linux)
[https://github.com/bunseokbot/androtools](https://github.com/bunseokbot/androtools)
[https://github.com/psdeshpande/MalwareDetection](https://github.com/psdeshpande/MalwareDetection)
[https://github.com/sibichakkaravarthy/Malware-Analysis](https://github.com/sibichakkaravarthy/Malware-Analysis)
[https://github.com/2015-10-10/MalwareClassification](https://github.com/2015-10-10/MalwareClassification)
[https://github.com/pfohjo/nitro](https://github.com/pfohjo/nitro)
[https://github.com/researcherGeekLab/AMIV](https://github.com/researcherGeekLab/AMIV)
[https://github.com/Te-k/malware-classification](https://github.com/Te-k/malware-classification)
[https://github.com/lanninghuanxue/DroidJ](https://github.com/lanninghuanxue/DroidJ)
[https://github.com/CvvT/AppTroy](https://github.com/CvvT/AppTroy)
[https://github.com/monnappa22/Limon](https://github.com/monnappa22/Limon)
[https://github.com/androguard/androguard](https://github.com/androguard/androguard)
[https://github.com/sh4hin/Androl4b](https://github.com/sh4hin/Androl4b)
[https://github.com/jnferguson/entropyDeviation](https://github.com/jnferguson/entropyDeviation)
[]()

# Course Book
[https://github.com/RPISEC/Malware](https://github.com/RPISEC/Malware)
[https://github.com/rshipp/awesome-malware-analysis](https://github.com/rshipp/awesome-malware-analysis)
[https://github.com/mgoffin/malwarecookbook](https://github.com/mgoffin/malwarecookbook)
[https://github.com/MISP/MISP](https://github.com/MISP/MISP)
[https://github.com/wyyqyl/MalwareAnalysis](https://github.com/wyyqyl/MalwareAnalysis)
[https://github.com/secmobi/amatutor](https://github.com/secmobi/amatutor)
[https://github.com/pandazheng/amatutor](https://github.com/pandazheng/amatutor)
[]()

# AntiMalware Software
[https://github.com/twitter-university/AntiMalware](https://github.com/twitter-university/AntiMalware)
[https://github.com/ssesha/MalwareScanner](https://github.com/ssesha/MalwareScanner)
[https://github.com/acprimer/MalwareDetector](https://github.com/acprimer/MalwareDetector)
[https://github.com/kapilkchaurasia/Behavior-Based-Malware-Detection-System-for-Android](https://github.com/kapilkchaurasia/Behavior-Based-Malware-Detection-System-for-Android)
[]()

# Samples
[https://github.com/ashishb/ios-malware](https://github.com/ashishb/ios-malware)

# APT
[https://github.com/hfiref0x/CVE-2015-1701](https://github.com/hfiref0x/CVE-2015-1701)
[https://github.com/michael-yip/APTMalwareNotes](https://github.com/michael-yip/APTMalwareNotes)
[https://github.com/abzcoding/aptdetector](https://github.com/abzcoding/aptdetector)
[https://github.com/harsh2602/APT-Detection-Via-Graph-Analytics](https://github.com/harsh2602/APT-Detection-Via-Graph-Analytics)
[https://github.com/Tryan18/XCOM](https://github.com/Tryan18/XCOM)
[https://github.com/aroradhruv03/APThreatDetectionSys](https://github.com/aroradhruv03/APThreatDetectionSys)
[https://github.com/tobypinder/ludumdare32](https://github.com/tobypinder/ludumdare32)
[https://github.com/hslatman/awesome-threat-intelligence](https://github.com/hslatman/awesome-threat-intelligence)
[https://github.com/peterfelfer/AtomProbeTutorials](https://github.com/peterfelfer/AtomProbeTutorials)
[]()

# Tools
https://sourceforge.net/projects/remnux/files/
https://remnux.org/docs/distro/tools/

# 在线画图工具
https://www.processon.com/
http://www.xmindchina.net/

# 脱壳逆向
https://tuts4you.com
http://www.woodmann.com/
https://bbs.pediy.com/thread-224537.htm
https://bbs.pediy.com/thread-196797.htm